diff --git a/.github/workflows/megalinter.yml b/.github/workflows/megalinter.yml index 1095010..9e25d19 100644 --- a/.github/workflows/megalinter.yml +++ b/.github/workflows/megalinter.yml @@ -33,7 +33,7 @@ jobs: steps: # Git Checkout - name: Checkout Code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # pin@v4 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # pin@v4 with: token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} fetch-depth: 0 @@ -41,7 +41,7 @@ jobs: # MegaLinter - name: MegaLinter id: ml - uses: oxsecurity/megalinter/flavors/python@8fbdead70d1409964ab3d5afa885e18ee85388bb # pin@v9.4.0 + uses: oxsecurity/megalinter/flavors/python@0e3ce9b9c8c10effb9b269509cc47ca17cae31c7 # pin@v9.5.0 env: VALIDATE_ALL_CODEBASE: true GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -93,6 +93,6 @@ jobs: - name: Upload MegaLinter scan results to GitHub Security tab if: steps.sarif_file_exists.outputs.files_exists == 'true' - uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 # pin@v2 + uses: github/codeql-action/upload-sarif@87557b9c84dde89fdd9b10e88954ac2f4248e463 # pin@v2 with: sarif_file: "megalinter-reports/megalinter-report.sarif" diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 93b7be4..eb57e8b 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -18,10 +18,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # pin@v3 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # pin@v3 - name: Build and Publish Image - uses: wesley-dean/publish_container@f9a254ab094618da2c41e7011035b51447cf367c # pin@v1.0.16 + uses: wesley-dean/publish_container@6d4b9c6f292d4542e3d6ccf320bee793fccbf489 # pin@v1.0.19 with: dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }} dockerhub_token: ${{ secrets.DOCKERHUB_PAT }}